RE: [PATCH 1/3] Fix backward-ring-buffer.c format-truncation error
From: David Laight
Date: Thu Jul 25 2019 - 14:06:24 EST
From: Numfor Mbiziwo-Tiapo
> Sent: 24 July 2019 19:45
>
> Perf does not build with the ubsan (undefined behavior sanitizer)
> and there is an error that says:
>
> tests/backward-ring-buffer.c:23:45: error: â%dâ directive output
> may be truncated writing between 1 and 10 bytes into a region of
> size 8 [-Werror=format-truncation=]
> snprintf(proc_name, sizeof(proc_name), "p:%d\n", i);
>
> This can be reproduced by running (from the tip directory):
> make -C tools/perf USE_CLANG=1 EXTRA_CFLAGS="-fsanitize=undefined"
>
> Th error occurs because they are writing to the 10 byte buffer - the
> index 'i' of the for loop and the 2 byte hardcoded string. If somehow 'i'
> was greater than 8 bytes (10 - 2), then the snprintf function would
> truncate the string. Increasing the size of the buffer fixes the error.
Get the compiler fixed so that it knows the domain of the value can never
exceed the compile-time constant NR_ITERS.
> Signed-off-by: Numfor Mbiziwo-Tiapo <nums@xxxxxxxxxx>
> ---
> tools/perf/tests/backward-ring-buffer.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/perf/tests/backward-ring-buffer.c b/tools/perf/tests/backward-ring-buffer.c
> index 6d598cc071ae..1a9c3becf5ff 100644
> --- a/tools/perf/tests/backward-ring-buffer.c
> +++ b/tools/perf/tests/backward-ring-buffer.c
> @@ -18,7 +18,7 @@ static void testcase(void)
> int i;
>
> for (i = 0; i < NR_ITERS; i++) {
> - char proc_name[10];
> + char proc_name[15];
At least use [16]
>
> snprintf(proc_name, sizeof(proc_name), "p:%d\n", i);
> prctl(PR_SET_NAME, proc_name);
> --
> 2.22.0.657.g960e92d24f-goog
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)